An Anti-pattern for Misuse Cases

Mohammad Torabi Dashti, Saša Radomirović*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Downloads (Pure)


Misuse case analysis is a method for the elicitation, documentation, and communication of security requirements. It builds upon the well-established use case analysis method and is one of the few existing techniques dedicated to security requirements engineering. We present an anti-pattern for applying misuse cases, dubbed “orphan misuses.” Orphan misuse cases by and large ignore the system at hand, thus providing little insight into its security. Common symptoms include implementation-dependent threats and overly general, vacuous mitigations. We illustrate orphan misuse cases through examples, explain their negative consequences in detail, and give guidelines for avoiding them.

Original languageEnglish
Title of host publicationComputer Security. SECPRE 2017, CyberICPS 2017
Number of pages12
ISBN (Electronic)9783319728179
ISBN (Print)9783319728162
Publication statusPublished - 2018
Event1st International Workshop on Security and Privacy Requirements Engineering 2017 - Oslo, Norway
Duration: 14 Sept 201715 Sept 2017

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference1st International Workshop on Security and Privacy Requirements Engineering 2017
Abbreviated titleSECPRE 2017

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'An Anti-pattern for Misuse Cases'. Together they form a unique fingerprint.

Cite this